As cyber incidents grow in cleverness and complexity, it is imperative for organizations to be proactive in dealing with security threats. The financial consequences of not counteracting these threats are costly. Other harmful results, such as lost intellectual property, declines in productivity, damage to brand and reputation, and lost revenue are exorbitant as well. (Ponemon Institute LLC, 2012) Today's incident response teams have an unfair disadvantage against cyber attacks. However, most cybernetic analysts are using standard tools and codification to mitigate threats.
Level the playing field
The founders of Hexadite, a Boston-based cyber security firm, Eran Barak, Barak Klinghofer, and Idan Levin have proven the only way to level the playing field is to fight automation with automation. While their backgrounds are in investigation and mitigation for military intelligence units and global defense companies, Barak, Klinghofer, and Levin knew the same types of automated cyber-attacks were plaguing a broad range of other organizations. (Eran Barak, 2016)
Modern antivirus and antimalware software, firewalls and security applications create a massive number of attack alerts. These products are good at finding and reporting suspicious actions. However, they also generate false positives, and the number of false positives exceeds the signals for actual malicious attacks. These false alerts raise a challenging issue for overwhelmed IT experts because they miss the legitimate warnings. (Rash, 2017) This key challenge, along with considerable increases in the number of cyber attacks, calls for a solution that allows organizations to go from a warning to remediation within minutes. Hexadite's software does exactly that, and that is why Microsoft wants to acquire the Hexadite Company.
Microsoft's proactive measure
At the end of May 2017, Microsoft announced its plans to buy Hexadite for $100 million. Barak, Klinghofer, Levin and the Hexadite team have created a fantastic application, and hundreds of millions of people will use the technology as a part of Microsoft's security portfolio. (Burke, 2017)
The Hexadite Automated Incident Response Solution employs artificial intelligence and machine learning. It examines every cyber-attack, investigates each alert in seconds, and enables companies to take action.
Hexadite appeal to Microsoft for several reasons:
- Microsoft's Windows 10 currently offers Windows Defender Advanced Threat Protection to zero-day attacks, ransomware, and others advanced threats. The Hexadite software will build on those applications and help commercial Windows 10 customers deal with attacks on their networks.
- Hexadite will provide benefits to Microsoft such as security services for enterprise and cloud solutions, customers for the services, and significant IT and expertise for artificial intelligence applications.
- The purpose of Hexadite software is to investigate every breach and automatically manage every possible violation. Hexadite must scan the entire output and use automated procedures to view every alert, no matter how insignificant and determine if it is an actual security threat. If it is a threat, the software takes action.
- Hexadite receives alerts from other security hardware and software, tracks and collects data on its own, and data accessible through the cloud and network resources to determine what actions the alleged malware is taking.
Microsoft has requested a Digital Geneva Convention to create global regulations to manage cyber security issues. Hexadite countermeasures, along with global management, are proactive actions, which will bring positive results for Microsoft.